def delete(self, account_id):
    """Remove the service account named ``account_id``.

    The removal is delegated to ``UserAdmin.deleteUser``. A ``WebFault``
    raised by that call is re-raised as ``ResourceError`` carrying the
    message produced by ``UserAdmin.error_msg``. On success the tuple
    ``('', 204)`` is returned.
    """
    # NOTE(review): account_id is forwarded to the backend unchanged and no
    # caller authorization check is visible in this handler -- confirm that
    # both are enforced before this method is reached.
    user_admin = UserAdmin()
    try:
        user_admin.deleteUser(userName=account_id)
    except WebFault as fault:
        raise ResourceError(msg=user_admin.error_msg(fault))
    no_content = ('', 204)
    return no_content
def get(self, account_id):
    """Return the roles held by the service account ``account_id``.

    The data comes from ``models.account_details`` and is wrapped with
    ``ok``. A ``WebFault`` raised while doing so is converted to
    ``ResourceError``.
    """
    try:
        details = models.account_details(account_id)
        return ok(result=details, msg="Roles retrieved successfully.")
    except WebFault as fault:
        # A UserAdmin instance is created here only to format the fault.
        raise ResourceError(msg=UserAdmin().error_msg(fault))
def get(self, role_id):
    """Return the service accounts that occupy the role ``role_id``.

    The data comes from ``models.role_details`` and is wrapped with ``ok``.
    A ``WebFault`` raised while doing so is converted to ``ResourceError``.
    """
    try:
        details = models.role_details(role_id)
        return ok(result=details,
                  msg="Service accounts retrieved successfully.")
    except WebFault as fault:
        # A UserAdmin instance is created here only to format the fault.
        raise ResourceError(msg=UserAdmin().error_msg(fault))
def delete(self, role_id):
    """Remove the role ``role_id`` from the system.

    ``role_id`` is mapped through ``models.role_in`` before being handed to
    ``UserAdmin.deleteRole``. A ``WebFault`` is re-raised as
    ``ResourceError``; on success ``('', 204)`` is returned.
    """
    # NOTE(review): deleting a role is a privileged operation and no caller
    # authorization check is visible in this handler -- confirm it is
    # enforced before this method is reached.
    user_admin = UserAdmin()
    try:
        backend_role = models.role_in(role_id)
        user_admin.deleteRole(roleName=backend_role)
    except WebFault as fault:
        raise ResourceError(user_admin.error_msg(fault))
    no_content = ('', 204)
    return no_content
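def all_accounts(limit=100):
    """Return the account ids reported by the user-admin service.

    Args:
        limit: Maximum number of entries requested from ``listUsers``.
            Defaults to 100, the value that used to be hard-coded, so
            existing callers see no change. When more accounts exist than
            ``limit`` the result is presumably truncated by the service --
            callers that need every account must pass a larger value.

    Returns:
        Whatever ``UserAdmin.listUsers`` returns for an empty filter.

    Raises:
        ResourceError: If the service call raises ``WebFault`` or any other
            exception.
    """
    admin = UserAdmin()
    try:
        return admin.listUsers(filter='', limit=limit)
    except WebFault as e:
        raise ResourceError(
            msg='error retrieving accounts: {}'.format(admin.error_msg(e)))
    except Exception as e:
        # NOTE(review): the text of an arbitrary exception is copied into the
        # error message. If ResourceError messages are returned to API
        # clients this can expose internal details; consider logging the
        # exception server-side and returning a generic message instead.
        raise ResourceError(msg='Uncaught exception: {}'.format(e))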
def post(self, account_id):
    """Give the service account ``account_id`` the role named in the request.

    The request body is validated by ``self.validate_post`` and must supply
    ``roleId``. A ``WebFault`` from the backend is re-raised as
    ``ResourceError``. On success the account's details are returned via
    ``ok``.
    """
    payload = self.validate_post()
    user_admin = UserAdmin()
    try:
        backend_role = models.role_in(payload['roleId'])
        # NOTE(review): this calls an *update* operation and passes a single
        # role as ``newUserList``. Confirm against the UserAdmin service that
        # the role is appended rather than replacing the account's existing
        # role set (the role-removal handler uses addRemoveRolesOfUser).
        user_admin.updateRolesOfUser(userName=account_id,
                                     newUserList=backend_role)
    except WebFault as fault:
        raise ResourceError(msg=user_admin.error_msg(fault))
    details = models.account_details(account_id)
    confirmation = "Role {} added successfully.".format(payload['roleId'])
    return ok(result=details, msg=confirmation)
def post(self):
    """Create the role named by ``roleId`` in the validated request body.

    The role id is mapped through ``models.role_in`` and passed to
    ``UserAdmin.addInternalRole``. A ``WebFault`` is re-raised as
    ``ResourceError``. On success the new role's details are returned via
    ``ok``.
    """
    payload = self.validate_post()
    role_id = payload['roleId']
    user_admin = UserAdmin()
    try:
        backend_role = models.role_in(role_id)
        user_admin.addInternalRole(roleName=backend_role)
    except WebFault as fault:
        raise ResourceError(user_admin.error_msg(fault))
    details = models.role_details(role_id)
    confirmation = "Role {} created successfully.".format(payload['roleId'])
    return ok(result=details, msg=confirmation)
def post(self, role_id):
    """Add the service account named in the request to the role ``role_id``.

    The request body is validated by ``self.validate_post`` and must supply
    ``accountId``. A ``WebFault`` from the backend is re-raised as
    ``ResourceError``. On success the role's details are returned via
    ``ok``.
    """
    payload = self.validate_post()
    user_admin = UserAdmin()
    try:
        backend_role = models.role_in(role_id)
        user_admin.addRemoveUsersOfRole(roleName=backend_role,
                                        newUsers=payload['accountId'])
    except WebFault as fault:
        raise ResourceError(user_admin.error_msg(fault))
    details = models.role_details(role_id)
    confirmation = "Service account {} added to role.".format(
        payload['accountId'])
    return ok(result=details, msg=confirmation)
def delete(self, account_id, role_id):
    """Take the role ``role_id`` away from the service account ``account_id``.

    Raises ``ResourceError`` when ``models.has_role`` reports that the
    account does not hold the role, or when the backend call raises
    ``WebFault``. Returns ``('', 204)`` on success.
    """
    # Guard clause: nothing to remove if the account does not hold the role.
    if not models.has_role(account_id, role_id):
        raise ResourceError(
            msg="{} does not occupy role {}".format(account_id, role_id))

    user_admin = UserAdmin()
    try:
        backend_role = models.role_in(role_id)
        user_admin.addRemoveRolesOfUser(userName=account_id,
                                        deletedRoles=backend_role)
    except WebFault as fault:
        raise ResourceError(msg=user_admin.error_msg(fault))
    return ('', 204)
def delete(self, role_id, account_id):
    """Drop the service account ``account_id`` from the role ``role_id``.

    Raises ``ResourceError`` when ``models.has_role`` reports that the
    account does not hold the role, or when the backend call raises
    ``WebFault``. Returns ``('', 204)`` on success.
    """
    # The UserAdmin instance is created before the membership check, as in
    # the original ordering.
    user_admin = UserAdmin()
    if not models.has_role(account_id, role_id):
        raise ResourceError(
            msg="{} is not occupied by service account {}".format(
                role_id, account_id))

    try:
        backend_role = models.role_in(role_id)
        user_admin.addRemoveUsersOfRole(roleName=backend_role,
                                        deletedUsers=account_id)
    except WebFault as fault:
        raise ResourceError(user_admin.error_msg(fault))
    return ('', 204)
def post(self):
    """Create a service account from the validated request body.

    The body must supply ``accountId`` and ``password``. Account ids
    containing ``'-'`` are rejected with ``ResourceError`` before the
    backend is contacted. A ``WebFault`` or any other exception raised by
    ``UserAdmin.addUser`` is re-raised as ``ResourceError``. On success the
    new account's details are returned via ``ok``.
    """
    payload = self.validate_post()
    account_id = payload['accountId']
    if '-' in account_id:
        raise ResourceError(
            msg="Invalid account id: no '-' characters are allowed.")

    # NOTE(review): the password is forwarded exactly as received; any
    # length or complexity policy would have to live in validate_post or in
    # the backend -- confirm one of them enforces it.
    user_admin = UserAdmin()
    try:
        user_admin.addUser(userName=account_id, password=payload['password'])
    except WebFault as fault:
        raise ResourceError(msg=user_admin.error_msg(fault))
    except Exception as unexpected:
        # NOTE(review): the text of an arbitrary exception is copied into the
        # error message. If ResourceError messages are returned to API
        # clients this can expose internal details; consider logging the
        # exception server-side and returning a generic message instead.
        raise ResourceError(msg='Uncaught exception: {}'.format(unexpected))

    details = models.account_details(account_id)
    return ok(result=details, msg="Service account created successfully.")